Mercurial > trustbridge
comparison cinst/main.c @ 132:4691d9e3b1d3
Merged
| author | Sascha Wilde <wilde@intevation.de> |
|---|---|
| date | Mon, 24 Mar 2014 13:35:20 +0100 |
| parents | 898446d9d23e |
| children | 4904fe01055d |
comparison
equal
deleted
inserted
replaced
| 131:9104b1b2e4da | 132:4691d9e3b1d3 |
|---|---|
| 36 #include "errorcodes.h" | 36 #include "errorcodes.h" |
| 37 | 37 |
| 38 #ifdef WIN32 | 38 #ifdef WIN32 |
| 39 #include <windows.h> | 39 #include <windows.h> |
| 40 #include <wincrypt.h> | 40 #include <wincrypt.h> |
| 41 #endif | |
| 42 | |
| 43 #ifdef WIN32 | |
| 44 LPWSTR getLastErrorMsg() { | |
| 45 LPWSTR bufPtr = NULL; | |
| 46 DWORD err = GetLastError(); | |
| 47 FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | | |
| 48 FORMAT_MESSAGE_FROM_SYSTEM | | |
| 49 FORMAT_MESSAGE_IGNORE_INSERTS, | |
| 50 NULL, err, 0, (LPWSTR)&bufPtr, 0, NULL); | |
| 51 if (!bufPtr) { | |
| 52 HMODULE hWinhttp = GetModuleHandleW(L"winhttp"); | |
| 53 if (hWinhttp) { | |
| 54 FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | | |
| 55 FORMAT_MESSAGE_FROM_HMODULE | | |
| 56 FORMAT_MESSAGE_IGNORE_INSERTS, | |
| 57 hWinhttp, HRESULT_CODE(err), 0, | |
| 58 (LPWSTR)&bufPtr, 0, NULL); | |
| 59 } | |
| 60 } | |
| 61 if (!bufPtr) | |
| 62 printf("Error getting last error\n"); | |
| 63 return bufPtr; | |
| 64 } | |
| 41 #endif | 65 #endif |
| 42 | 66 |
| 43 /* The certificate list + instructions may only be so long as | 67 /* The certificate list + instructions may only be so long as |
| 44 * twice the accepted certificatelist size */ | 68 * twice the accepted certificatelist size */ |
| 45 #define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2 | 69 #define MAX_INPUT_SIZE MAX_LINE_LENGTH * MAX_LINES * 2 |
| 59 char ***to_remove) | 83 char ***to_remove) |
| 60 { | 84 { |
| 61 int lines_read = 0; | 85 int lines_read = 0; |
| 62 int readingList = 0; | 86 int readingList = 0; |
| 63 size_t list_size = 0; | 87 size_t list_size = 0; |
| 64 char buf[MAX_LINE_LENGTH + 1]; | 88 char buf[MAX_LINE_LENGTH + 2]; |
| 65 | 89 |
| 66 if (*certificate_list || *to_install || *to_remove) { | 90 if (*certificate_list || *to_install || *to_remove) { |
| 67 printf("Error invalid parameters\n"); | 91 printf("Error invalid parameters\n"); |
| 68 return -1; | 92 return -1; |
| 69 } | 93 } |
| 70 | 94 |
| 71 while (fgets(buf, MAX_LINE_LENGTH + 1, stdin)) { | 95 while (fgets(buf, MAX_LINE_LENGTH + 1, stdin)) { |
| 72 size_t len = strlen(buf); /* fgets ensures buf is terminated */ | 96 size_t len = strlen(buf); /* fgets ensures buf is terminated */ |
| 73 if (len < 2) { | 97 if (len <= 3) { |
| 74 printf("Line to short.\n"); | 98 printf("Line too short.\n"); |
| 75 return ERR_INVALID_INPUT; | 99 return ERR_INVALID_INPUT; |
| 76 } | 100 } |
| 77 if (lines_read ++ > MAX_LINES) { | 101 if (lines_read ++ > MAX_LINES) { |
| 78 printf("Too many lines\n"); | 102 printf("Too many lines\n"); |
| 79 return ERR_TOO_MUCH_INPUT; | 103 return ERR_TOO_MUCH_INPUT; |
| 80 } | 104 } |
| 105 | |
| 106 if (buf[len-2] != '\r') { | |
| 107 if (buf[len-1] != '\n') { | |
| 108 printf("Line too long.\n"); | |
| 109 return ERR_INVALID_INPUT; | |
| 110 } | |
| 111 buf[len-1] = '\r'; | |
| 112 buf[len] = '\n'; | |
| 113 buf[len+1] = '\0'; | |
| 114 len++; | |
| 115 } | |
| 116 | |
| 81 if (strcmp("-----BEGIN CERTIFICATE LIST-----\r\n", buf) == 0){ | 117 if (strcmp("-----BEGIN CERTIFICATE LIST-----\r\n", buf) == 0){ |
| 82 readingList = 1; | 118 readingList = 1; |
| 83 continue; | 119 continue; |
| 84 } | 120 } |
| 85 if (strcmp("-----END CERTIFICATE LIST-----\r\n", buf) == 0){ | 121 if (strcmp("-----END CERTIFICATE LIST-----\r\n", buf) == 0){ |
| 126 | 162 |
| 127 #ifdef WIN32 | 163 #ifdef WIN32 |
| 128 /** @brief Install certificates into Windows store | 164 /** @brief Install certificates into Windows store |
| 129 * | 165 * |
| 130 * @param [in] to_install NULL terminated array of base64 encoded certificates. | 166 * @param [in] to_install NULL terminated array of base64 encoded certificates. |
| 131 * @param [in] user_store set to True if the certificates shoudl be installed | 167 * @param [in] user_store set to True if the certificates should be installed |
| 132 * only for the current user. O for system wide installation. | 168 * only for the current user. O for system wide installation. |
| 133 * @returns 0 on success an errorcode otherwise. | 169 * @returns 0 on success an errorcode otherwise. |
| 134 */ | 170 */ |
| 135 int install_certificates_win(const char **to_install, int user_store) | 171 int install_certificates_win(const char **to_install, int user_store) |
| 136 { | 172 { |
| 137 int i = 0; | 173 int i = 0; |
| 138 HCERTSTORE hStore = NULL; | 174 HCERTSTORE hStore = NULL; |
| 139 | 175 |
| 140 if (!user_store) { | 176 if (user_store) { |
| 141 // Access user store | 177 // Access user store |
| 142 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, | 178 hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, |
| 143 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root"); | 179 0, CERT_SYSTEM_STORE_CURRENT_USER, L"Root"); |
| 144 } else { | 180 } else { |
| 145 // Access machine store | 181 // Access machine store |
| 154 while (to_install[i]) { | 190 while (to_install[i]) { |
| 155 size_t needed_len = 0; | 191 size_t needed_len = 0; |
| 156 size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH); | 192 size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH); |
| 157 int ret = -1; | 193 int ret = -1; |
| 158 unsigned char *buf; | 194 unsigned char *buf; |
| 195 | |
| 159 /* Check the needed size for the buffer */ | 196 /* Check the needed size for the buffer */ |
| 160 ret = base64_decode(NULL, &needed_len, | 197 ret = base64_decode(NULL, &needed_len, |
| 161 (unsigned char *)to_install[i], cert_len); | 198 (unsigned char *)to_install[i], cert_len); |
| 162 | 199 |
| 163 if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) { | 200 if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) { |
| 172 | 209 |
| 173 if (ret != 0) { | 210 if (ret != 0) { |
| 174 return ERR_INVALID_INSTRUCTIONS; | 211 return ERR_INVALID_INSTRUCTIONS; |
| 175 } | 212 } |
| 176 | 213 |
| 177 ret = CertAddEncodedCTLToStore (hStore, | 214 ret = CertAddEncodedCertificateToStore (hStore, |
| 178 X509_ASN_ENCODING, | 215 X509_ASN_ENCODING, |
| 179 (PBYTE)buf, | 216 (PBYTE)buf, |
| 180 needed_len, | 217 needed_len, |
| 181 CERT_STORE_ADD_ALWAYS, | 218 CERT_STORE_ADD_ALWAYS, |
| 182 NULL); | 219 NULL); |
| 183 | 220 |
| 184 if (ret != 0) { | 221 if (ret == 0) { |
| 185 printf("Failed to add certificate\n"); | 222 LPWSTR error = getLastErrorMsg(); |
| 186 free(buf); | 223 if (error) { |
| 187 return ret; | 224 printf("Failed to add certificate: %S \n", error); |
| 188 } | 225 LocalFree(error); |
| 226 } | |
| 227 } | |
| 228 i++; | |
| 189 free(buf); | 229 free(buf); |
| 190 } | 230 } |
| 191 if(hStore) { | 231 if(hStore) { |
| 192 CertCloseStore(hStore, 0); | 232 CertCloseStore(hStore, 0); |
| 193 } | 233 } |
| 248 | 288 |
| 249 } | 289 } |
| 250 */ | 290 */ |
| 251 | 291 |
| 252 #ifdef WIN32 | 292 #ifdef WIN32 |
| 253 install_certificates_win((const char**) to_install, 1); | 293 return install_certificates_win((const char**) to_install, 1); |
| 254 //remove_certificates_win((const char**) to_remove, 1); | 294 //remove_certificates_win((const char**) to_remove, 1); |
| 255 #endif | 295 #endif |
| 256 | 296 |
| 257 /* Make valgrind happy */ | 297 /* Make valgrind happy */ |
| 258 strv_free(to_install); | 298 strv_free(to_install); |